Dieter Maurer wrote:
Martin Aspeli wrote at 2009-4-12 18:31 +0800:
.... Finally, there is not total parity between Zope 2 security and Zope 3 security. Zope 2 cannot protect 'property set', for example.
Since Zope 2.8, Zope 2 could in principle -- and until quite recently I thought, it really can: it only fails with the "context" check (is the accessed object in the context of the UserFolder authenticating the current user). Of course, such checks fail for objects not acquisition wrapped. If we let pass this check in such cases, Zope 2 can protect property sets.
Not sure I understand you here. How would I declare that 'set' of an attribute (property) is protected by one permission and 'get' is protected by another? Martin -- Author of `Professional Plone Development`, a book for developers who want to work with Plone. See http://martinaspeli.net/plone-book